1. Field of the Invention
The present invention is generally concerned with the protection and security of telecommunication networks, in particular local area networks (LAN). The invention is more particularly concerned with verifying the integrity of data exchanged between two telecommunication stations.
2. Description of the Prior Art
The growth in "electronic data interchange" between companies has led local area network administrators to draw up a policy on security and protection for such communications directed to detecting any alteration of the data exchanged. This alteration may be accidental or the result of "hacking" by an ill-intentioned third party. Much more easily and much less detectably than in the transmission of information between persons by mail, electronic data transmission between users entails the possibility of alteration, such as loss, modification, insertion or deletion of data, due either to transmission errors or to intentional falsification.
It is relatively easy for an ill-intentioned third party to falsify data transmitted between two user stations. For example, this entails the fraudulent connection of processing means in series with the link connecting the two stations between which data is exchanged, and giving the processing means the characteristics, such as the network address, etc., of a determined one of the two stations. Configured in this way, the processing means receives all the data traffic addressed to the determined station, modifies this data traffic, and retransmits falsified traffic to the determined station.
A prior art method for verifying the integrity of data exchanged between two stations will now be described with reference to FIGS. 1 and 2. FIG. 1 shows two local area networks R1 and R2 connected by a public network RP. The networks R1 and R2 respectively comprise, for example, four stations S10 through S13 and three stations S20 through S22, and have a ring type topology and a bus type topology, respectively. The networks R1 and R2 are interconnected via the public network RP by two routers, also called gateways, RO1 and RO2, associated with the networks R1 and R2, respectively.
As shown in FIG. 2, each station in either of the networks R1 and R2, such as station S10, is defined in accordance with the OSI (Open Systems Interconnection) reference model of the ISO (International Standardization Organization) by a plurality of telecommunication protocol layers called the PHYSICAL, LINK, NETWORK, TRANSPORT, SESSION, PRESENTATION and APPLICATION layers. To connect the station S10 to the network R1, the station S10 has an electrical, optical or possibly even radio frequency (in the case of radio links) interface IN providing the physical link between the station S10 and a communication medium SU defining the topology of the network R1.
In the prior art technique, the implementation of an integrity verification procedure is directly dependent on the application element APPLICATION with which said procedure coexists. As shown in FIG. 2, this leads to the integration of an integrity verification module VER into the software or application means APPLICATION. In practice the integrity verification module VER can be incorporated into an external component which is invoked by the application means. Verification of the integrity of data exchanged between two stations, such as station S10 of network R1 and station S20 of network R2, both including compatible integrity verification modules in their APPLICATION layer, is carried out in the following manner.
When a station, for example the station S10, is ready to transmit a sequence of data that may comprise a frame or a group of frames to the other station, i.e. station S20 in this example, the station S10 first calculates, or has calculated by the external component, a first encipherment seal as a function of the sequence of data to be transmitted, by using an encipherment algorithm. The first seal calculated is then transmitted with the sequence to the station S20. On receiving said first seal and a received sequence corresponding to the sequence transmitted over the public network RP, the station S20 calculates a second seal from the received sequence by using an encipherment algorithm identical to the encipherment algorithm used in the station S10. The calculated second seal is compared with the first seal as received in the station S20. A positive comparison of the seals indicates that the integrity of the data transmitted in the sequence has been preserved. Conversely, a negative comparison of the seals tells the station S20 that the original data transmitted by the station S10 has been modified. The negative comparison can trigger an alert to warn the user of the station S20; alternatively, an attack on the integrity of the data can be identified, as regards the corresponding link, the source and destination stations, etc., and stored in a security file at the station S20 for subsequent analysis.
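As an added illustration, not part of the patent text, the seal exchange described above is modelled below in Python, with HMAC-SHA256 standing in for the unspecified encipherment algorithm; the shared key, the station and link labels, the sample data sequence and the in-path modification are constructed assumptions.

```python
import hmac
import hashlib

# Assumption: S10 and S20 share a secret key out of band. A keyed seal is
# used because an unkeyed digest could be recomputed by whoever modifies
# the traffic in transit; the patent text only says "encipherment algorithm".
SHARED_KEY = b"constructed-demo-key-shared-by-S10-and-S20"


def compute_seal(key: bytes, sequence: bytes) -> bytes:
    """Seal over the whole data sequence (same algorithm at both stations)."""
    return hmac.new(key, sequence, hashlib.sha256).digest()


def station_transmit(key: bytes, sequence: bytes):
    """Station S10: compute the first seal and send it with the sequence."""
    return sequence, compute_seal(key, sequence)


def station_receive(key: bytes, received_sequence: bytes, received_seal: bytes,
                    link="R1-RP-R2", src="S10", dst="S20"):
    """Station S20: compute the second seal and compare it with the first.

    Returns (integrity_ok, security_record). On a negative comparison the
    record is what would be stored in the station's security file.
    """
    second_seal = compute_seal(key, received_sequence)
    # Constant-time comparison avoids leaking seal bytes through timing.
    if hmac.compare_digest(second_seal, received_seal):
        return True, None
    record = {"event": "integrity_violation", "link": link,
              "source": src, "destination": dst,
              "received_seal": received_seal.hex(),
              "computed_seal": second_seal.hex()}
    return False, record


def simulate_in_path_modification(frame):
    """Constructed accidental or deliberate alteration: the data changes
    while the first seal is forwarded unchanged."""
    sequence, seal = frame
    return sequence.replace(b"AMOUNT=1000", b"AMOUNT=9000"), seal


def demo():
    original = b"TRANSFER;FROM=ACC-1;TO=ACC-2;AMOUNT=1000"  # constructed sample
    frame = station_transmit(SHARED_KEY, original)
    ok_clean, _ = station_receive(SHARED_KEY, *frame)
    ok_altered, record = station_receive(SHARED_KEY, *simulate_in_path_modification(frame))
    return ok_clean, ok_altered, record
```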
This integrity verification according to the prior art technique is restricted to applications for which such verification is provided. In data processing terms, it is not possible to verify the integrity of data transmitted and received by an application layer which has no integrity verification module VER.